Adding new DAG member from different subnets

Trying to enable DAG between on-premises site and remote site (vchs.vmware.com). I have 2 Exchange 2010 SP2 Servers on-premises with DAG configured on different network (172.16.2.0/24) physically isolated from local LAN (10.1.0.0 /16). It is a IPSec VPN configured between sites with traffic IP any any enabled.
The remote site configured with main LAN (10.15.1.0/16) and DAG Replication network (172.16.1.0/24). I can ping both sites from either DAG or MAPI network.
Trying to add another server from a remote site to DAG Group. The following error occurred:

Thanks! The problem is that I have a production servers with multiple DB's and 2 DAG member and I just need to add another server to it in remote DR location, so, removing all this is not a solution for me. Any other thoughts on it? Thank you in advance, A

Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Exchange NIC's are not teamed. It's one NIC for MAPI and one for DAG Replication on each machine. They all virtual on vmware hosts.

What are the prerequisites for the DAG? NIC tunning, such as disabling some services?
Also, if I'm pinging across VPN tunnel from one side to another - the timing is around 80-83 ms - Is this too much?

Also, on the server which I'm trying to add to DAG I have this error event ID 1282:

Security Handshake between local and remote endpoints '10.15.1.14:~40775~ -> 10.1.1.14:~3343~' did not complete in '40' seconds, node terminating the connection

Featured Post

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …

A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…

In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center.
Navigate to the Mail Flow >> Ac…